/**
* Authenticate a user.
*
* @param string $username
* @param string $password
* @return true if there were no errors and user was authenticated, error string if there was an error.
*/
function authenticate($username, $password, $flavor)
{
// Authenticate user.
try {
// TODO move to use PHP Auth?
$dbCon = RingsideApiDbDatabase::getDatabaseConnection();
$userDb = new Api_Dao_User();
$uid = $userDb->login($username, $password, $dbCon);
return $uid;
} catch (Exception $e) {
$error = '';
$code = $e->getCode();
if ($code == NO_USER) {
$error = "No User with User Name {$username} exists!<BR><a href=\"register.php\">Sign Up!</a>";
} else {
if ($code == BAD_PASSWORD) {
$error = 'Invalid Password';
} else {
$error = $e->getMessage();
}
}
loadForm($flavor, $error, $_REQUEST);
}
return false;
}